AWS Public Sector Blog
The true costs of resiliency decisions
Many organizations may not fully recognize or calculate the true costs of workload resiliency decisions. These true costs include the full spectrum of costing considerations that make up a decision, from readily-determinable accounting costs to less-recognizable intangible costs. At Amazon Web Services (AWS), estimating the accounting costs of resilient workloads is made simpler with the publicly-available AWS Pricing Calculator. However, determining the intangible costs of a resiliency decision requires estimating the effects it will have on people, the risk to technology and data, and the possible future impact to the organization. This estimation can sometimes be referred to as a business impact and risk assessment. A useful model when evaluating these decisions is the accounting-economic principles used for estimating opportunity costs.
Figure 1. Costing levels as they relate to resiliency decisions.
Opportunity cost decisions consider economic choices in organizations with both the accounting costs of those choices, which are often shorter-term and more recognizable—called explicit costs—as well as the intangible costs of those choices, which are often longer-term and less recognizable—called implicit costs. A workload resiliency decision contains both types of costing elements with many different possibilities for economic impact on the organization. As public sector organizations often have limited resources and complex missions, it’s important to understand the true costs and economic impact involved in a resiliency decision; this can help these organizations to both prepare and plan with their available resources.
AWS Shared Responsibility Model for resiliency
Before making costing decisions on AWS services, it is helpful to have a basic definition of resiliency and to understand how AWS shares resiliency responsibilities with our customers.
Figure 2. The AWS Shares Responsibility model. Resiliency is a shared responsibility between AWS and the customer.
In basic terms, resiliency means the ability to respond to and recover from adverse changes or failures. The AWS Shared Responsibility Model for Resiliency makes creating resilient workloads on AWS simpler with defined responsibilities between AWS and customers. AWS is responsible for resiliency of the infrastructure that runs all of the services offered in the AWS Cloud. This is referred to as “Resiliency of the Cloud.” The responsibilities of the customer are determined by the services selected and the configurations needed to achieve resiliency of those services. This is referred to as “Resiliency in the Cloud.” Before deciding on a resiliency level for your workload, it is important to identify where non-resilience may result in higher implicit costs.
Resiliency and implicit costs
Understanding and estimating implicit costs in a resiliency decision starts with identifying the affected people, the risk to technology and data, and the impact on the organization. The following Table 1 contains some of the common implicit cost categorizations under these three areas. Every organization will weigh the gravity of implicit costs for a given workload differently. For example, “Cost of lack of availability” and “Cost to customer/member service due to unavailability” may be of top concern to an organization with a customer/member facing website. A data-centric organization may be most concerned with “Cost to legal fees” and “Cost of governmental fines.” In addition, some types of implicit costs, such as the ones relating to availability, maintenance, and staffing have larger breadth, thus higher implicit costs. Other categories, such as “Cost to security,” have both breadth and depth implications to other implicit costs based upon resiliency level decisions.
Table 1. Common implicit cost considerations for resiliency.
AWS Well-Architected Framework
AWS offers guidance and tools to help customers assess resiliency needs within the context of AWS best practices. For instance, every AWS customer can perform an AWS Well-Architected Framework self-assessment using the AWS Well-Architected Tool, accessible from within the AWS Console Home page. The AWS Well-Architected review is designed to help customers review workloads against AWS best practices, and guides customers through best practices laid out in six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. An AWS Well-Architected review of your workflow will help everyone involved gain insights into who are the people needed to be involved, how resilient is the architecture plan being deployed, and what are the organizational challenges to overcome.
Resiliency and AWS Cloud Products
AWS Cloud Products are all the AWS service offerings, many of which have built-in capabilities for helping customers deploy resilient workloads. For example, Amazon Relational Database Service (Amazon RDS) is a resilient database service that deploys popular database engines in highly-available scalable architectures, with routine maintenance and automated backup capabilities provided by AWS. Amazon Simple Storage Service (Amazon S3) is an object storage service that can produce highly-durable object storage by using AWS resilient infrastructure and customer-specified resilient configurations. AWS Lambda is a serverless compute service that improves a workload’s resiliency by scaling and integrating with over 200 other AWS services, all without the need for customer deployment of infrastructure. What these three services have in common, along with many other AWS services, are their natively built-in capabilities to improve resilience. These capabilities allow our customers to configure and deploy resilient workloads at lower costs using the economies of scale that AWS employs by developing cloud services for customers.
Resiliency planning is proactive
Now that you know that the true costs to resiliency decisions have both explicit and implicit cost, that implicit costs are intangible non-accounting costs with significant longer-term impact, and that AWS services have built-in value for deploying resiliency at scale, you can begin determining your workloads “true” resiliency costs within your organization and teams. Start by identifying the people, technology and data, and organizational impact, that will be affected by your workloads. AWS Resilience Hub is a service specifically designed for documenting, evaluating, and tracking the resiliency of your workloads in the AWS Cloud. When reviewing workloads for resiliency, it could be that you find a non-resilient workload with very little risk of implicit costs. However, more often you will identify workloads that have undetermined significance and yet-to-be-realized implicit costs for non-resiliency. By evaluating the true cost of resiliency now, it is possible, with planning, to avoid the higher implicit costs of under-resilient workloads.
Additional resiliency resources:
- How to use the AWS Resilience Hub score
- Build a resilient Amazon Redshift architecture with automatic recovery enabled
- How to use Resilience Hub’s Fault Injection Experiments to test application’s resilience
- Architecting for resiliency on AWS App Runner
- Continually assessing application resilience with AWS Resilience Hub and AWS CodePipeline
Subscribe to the AWS Public Sector Blog newsletter to get the latest in AWS tools, solutions, and innovations from the public sector delivered to your inbox, or contact us.
Please take a few minutes to share insights regarding your experience with the AWS Public Sector Blog in this survey, and we’ll use feedback from the survey to create more content aligned with the preferences of our readers.